“Malware” we all know that these are some bugs and programs that harm devices as well as are threat to the personal information of the user. In recent past various Malware such as Godless, HummingBad etc has affected on millions of Android Based Devices. Now Cisco has founded a threat for OS X, iOS, tvOS, watch OS based devices too.
Highlights :
• Intelligence Security Unit of Cisco has found an Image Based Bug.
• The bug makes it possible to execute undetected code remotely on your device.
• The image file formats are such as bmp, dae, tiff and OpenEXR
The Research of Cisco’s Intelligence Security Unit shows that watch OS, OS X, iOS, tvOS, are now can be affected by Malware which is present in a Image File. Cisco Talos’ Tyler Bohan has announced that this image file can enter user’s device via MMS, Email and from an insecure Webpage. The malware can enter by image formats such as Tagged Image File Format (tiff), Bitmap (bmp), Digital Asset Exchange (dae) and OpenEXR.
The tiff and bmp image based malware or bug has its affects on WatchOS, iOS, OS X and tvOS while the OpenEXR image based bug can affect the OS X devices. Once the malware enters the device then the attacker can execute undetected code on the affected device remotely. This can be done in devices where Apple OS use API (The Apple Core Graphics API, Scene Kit, Image I/O) for accessing image Data.
The good thing for users is that Apple has made all the latest versions such as OS X EI Capitan v10.11.6, iOS 9.3.3, tvOS 9.2.2, and watchOS 2.2.2 secure from all these threats. If you are using an older version than these versions, you should immediately update to the latest version as it will make your device as well as your personal information safe from this bug.
Bohan also said that image files can be spread easily over the internet that’s why it is excellent carrier for any kind of bug. The image bugs are more dangerous for Apple devices because Apple Core Graphics, Scene Kit and Image I/O are used by software on Apple OS X. Thus users should update the OS to the latest version as soon as possible.